------- Comment From bastian.pfei...@de.ibm.com 2016-07-14 09:08 EDT------- Hi,
that's right ! A workaround would be to configure the IBMCA engine into openssl (openssl.cnf). However, as the Polyakov code directly make use of the CPACF instructions we will end up with about 50 % performance degradation compared to the 'longer' way through the libica API for small payloads. For the asymmetric case, when no CEX5 cards are available, we will still have a factor ~4. You remember the 'bn_mult_add_words' improvements, right ? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1602655 Title: The openssl s390x assembly pack is not used Status in Ubuntu on IBM z Systems: Confirmed Status in openssl package in Ubuntu: Confirmed Status in openssl source package in Xenial: New Bug description: The openssl s390x assembly code is not available, causing a fallback to openssl internal C-code. The performance degradation is up to a factor 4 for asymmetric (RSA, ...) and a factor >10 for symmetric cipher like SHA & AES. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1602655/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
